https://bugzilla.kernel.org/show_bug.cgi?id=220575

            Bug ID: 220575
           Summary: Unable to handle kernel NULL pointer dereference at
                    virtual address 0000000000000000
           Product: File System
           Version: 2.5
    Kernel Version: 6.12.30-android16
          Hardware: ARM
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P3
         Component: f2fs
          Assignee: filesystem_f...@kernel-bugs.kernel.org
          Reporter: jy...@mediatek.com
        Regression: No

Hi experts,

We encountered an f2fs issue in a Linux 6.12.30 environment. (Android 16)
Linux source code:
https://android.googlesource.com/kernel/common/+/refs/heads/android16-6.12-2025-07

Further analysis confirms that the issue occurs at the following line:
return page_private_gcing(fscrypt_pagecache_page(page));

In this case, the ptr argument passed to page_private_gcing() is NULL.
Does anyone have any idea about this situation?
Thanks.

[ T6790] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000
[ T6790] Mem abort info:
[ T6790]   ESR = 0x0000000096000006
[ T6790]   EC = 0x25: DABT (current EL), IL = 32 bits
[ T6790]   SET = 0, FnV = 0
[ T6790]   EA = 0, S1PTW = 0
[ T6790]   FSC = 0x06: level 2 translation fault
[ T6790] Data abort info:
[ T6790]   ISV = 0, ISS = 0x00000006, ISS2 = 0x00000000
[ T6790]   CM = 0, WnR = 0, TnD = 0, TagAccess = 0
[ T6790]   GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
[ T6790] user pgtable: 4k pages, 39-bit VAs, pgdp=0000000037b28000
[ T6790] [0000000000000000] pgd=0800000039429003, p4d=0800000039429003, pud=0800000039429003, pmd=0000000000000000
[ T6790] Internal error: Oops: 0000000096000006 [#1] PREEMPT SMP
[ T6790] Kernel Offset: 0x0 from 0xffffffc080000000
[ T6790] PHYS_OFFSET: 0x0
[ T6790] pstate: 20400005 (nzCv daif +PAN -UAO)
[ T6790] pc : [0xffffffe51d249484] f2fs_is_cp_guaranteed+0x70/0x98
[ T6790] lr : [0xffffffe51d24adbc] f2fs_merge_page_bio+0x520/0x6d4
[ T6790] sp : ffffffc08cc13280
[ T6790] x29: ffffffc08cc132a0 x28: fffffffec0bae200
[ T6790] x27: 0000000000000168 x26: dead000000000100
[ T6790] x25: 0000000000000002 x24: 0000000000000000
[ T6790] x23: ffffff8077b65ae8 x22: ffffff802a06a000
[ T6790] x21: fffffffec1fcb240 x20: ffffff802a06a000
[ T6790] x19: ffffffc08cc133d0 x18: 0000000000000000
[ T6790] x17: 000000008c623181 x16: 000000008c623181
[ T6790] x15: 000000000000ba7e x14: ffffff802a7accc0
[ T6790] x13: ffffffc08cc10000 x12: ffffffc08cc14000
[ T6790] x11: 0000000000000000 x10: 0000000000000001
[ T6790] x9 : ffffffe51d24adbc x8 : 0000000000000000
[ T6790] x7 : 0000000000000000 x6 : 0000000000000000
[ T6790] x5 : fffffffebf3448e0 x4 : 0000000000000000
[ T6790] x3 : ffffffc08cc13070 x2 : 0000000000001000
[ T6790] x1 : fffffffec1fcb240 x0 : 0000000000000000
[ T6790] PC: 0xffffffe51d249484:
[ T6790] CPU: 3 UID: 0 PID: 6790 Comm: kworker/u16:3 Tainted: P    B   W  OE     6.12.30-android16-5-maybe-dirty-4k #1 5f7701c9cbf727d1eebe77c89bbbeb3371e895e5
[ T6790] Tainted: [P]=PROPRIETARY_MODULE, [B]=BAD_PAGE, [W]=WARN, [O]=OOT_MODULE, [E]=UNSIGNED_MODULE
[ T6790] Workqueue: writeback wb_workfn (flush-254:49)
[ T6790] Call trace:
[ T6790]  dump_backtrace+0xf4/0x130
[ T6790]  show_stack+0x20/0x30
[ T6790]  dump_stack_lvl+0x40/0xa0
[ T6790]  dump_stack+0x18/0x24
[ T6790]  notify_die+0x50/0x8c
[ T6790]  die+0x9c/0x310
[ T6790]  __do_kernel_fault+0x294/0x2a4
[ T6790]  do_page_fault+0xac/0x640
[ T6790]  do_translation_fault+0x48/0x11c
[ T6790]  do_mem_abort+0x5c/0x108
[ T6790]  el1_abort+0x3c/0x5c
[ T6790]  el1h_64_sync_handler+0x80/0xcc
[ T6790]  el1h_64_sync+0x68/0x6c
[ T6790]  f2fs_is_cp_guaranteed+0x70/0x98
[ T6790]  f2fs_inplace_write_data+0x174/0x2f4
[ T6790]  f2fs_do_write_data_page+0x214/0x81c
[ T6790]  f2fs_write_single_data_page+0x28c/0x764
[ T6790]  f2fs_write_data_pages+0x78c/0xce4
[ T6790]  do_writepages+0xe8/0x2fc
[ T6790]  __writeback_single_inode+0x4c/0x4b4
[ T6790]  writeback_sb_inodes+0x314/0x540
[ T6790]  __writeback_inodes_wb+0xa4/0xf4
[ T6790]  wb_writeback+0x160/0x448
[ T6790]  wb_workfn+0x2f0/0x5dc
[ T6790]  process_scheduled_works+0x1c8/0x458
[ T6790]  worker_thread+0x334/0x3f0
[ T6790]  kthread+0x118/0x1ac
[ T6790]  ret_from_fork+0x10/0x20

_______________________________________________
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
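
Added triage example, not part of the original report or of the kernel source: it decodes the ESR value and fault lines of the oops above into the data-abort fields the kernel prints, and classifies the fault. The function names, the embedded sample (four lines copied from the report, with the wrapped first line rejoined) and the first-page NULL heuristic are assumptions of this example.

```python
import re

# Sample input: four lines copied from the oops in the report above.
OOPS = """\
[ T6790] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000
[ T6790]   ESR = 0x0000000096000006
[ T6790] pc : [0xffffffe51d249484] f2fs_is_cp_guaranteed+0x70/0x98
[ T6790] lr : [0xffffffe51d24adbc] f2fs_merge_page_bio+0x520/0x6d4
"""

# ESR_ELx.ISS[5:0] fault status codes for translation faults.
FSC = {0x04: "level 0 translation fault", 0x05: "level 1 translation fault",
       0x06: "level 2 translation fault", 0x07: "level 3 translation fault"}
# ESR_ELx.EC values for data aborts.
EC = {0x24: "DABT (lower EL)", 0x25: "DABT (current EL)"}

def decode_esr(esr):
    """Split an ESR_ELx value into the data-abort fields shown in the oops."""
    iss = esr & 0x1FFFFFF                     # ISS is bits [24:0]
    return {
        "EC": (esr >> 26) & 0x3F,             # exception class, bits [31:26]
        "IL": 32 if (esr >> 25) & 1 else 16,  # instruction length in bits
        "ISS": iss,
        "ISV": (iss >> 24) & 1,
        "SET": (iss >> 11) & 3,
        "FnV": (iss >> 10) & 1,
        "EA": (iss >> 9) & 1,
        "CM": (iss >> 8) & 1,
        "S1PTW": (iss >> 7) & 1,
        "WnR": (iss >> 6) & 1,                # 1 = write, 0 = read
        "FSC": iss & 0x3F,
    }

def triage(log):
    """Summarise an arm64 oops: faulting function, access type, fault class."""
    esr = int(re.search(r"ESR = (0x[0-9a-fA-F]+)", log).group(1), 16)
    addr = int(re.search(r"virtual address ([0-9a-fA-F]{16})", log).group(1), 16)
    pc = re.search(r"pc : \[0x[0-9a-f]+\] (\S+)\+(0x[0-9a-f]+)/", log)
    f = decode_esr(esr)
    return {
        "function": pc.group(1), "offset": int(pc.group(2), 16),
        "access": "write" if f["WnR"] else "read",
        "class": EC.get(f["EC"], hex(f["EC"])),
        "status": FSC.get(f["FSC"], hex(f["FSC"])),
        # Heuristic (assumption): an address in the first page is NULL plus a small offset.
        "null_deref": addr < 0x1000,
        "fields": f,
    }

if __name__ == "__main__":
    for key, value in triage(OOPS).items():
        print(key, value)
```

For this oops the result is a read (WnR = 0) from address 0 taken in kernel mode inside f2fs_is_cp_guaranteed at offset 0x70, which agrees with the kernel's own decode lines in the log.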
